Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/64cca42d-40a8-4dca-85f4-0ac6a32e6088.roa
File:                     64cca42d-40a8-4dca-85f4-0ac6a32e6088.roa (raw, json)
Hash identifier:          5qHmj7V+D4cBgrhoiyxjsJJChGy/y6b+PF+klbOoVRY=
Subject key identifier:   5D:D5:70:A7:AC:4E:6E:8F:39:E5:F8:AE:BB:6C:D9:07:97:E5:57:1A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1690B6C9ADF25AE5C41A97DD4D4EE899CB7DB046
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/64cca42d-40a8-4dca-85f4-0ac6a32e6088.roa
Signing time:             Wed 09 Jul 2025 00:31:24 +0000
ROA not before:           Wed 09 Jul 2025 00:31:24 +0000
ROA not after:            Wed 13 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.22.96.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:90:b6:c9:ad:f2:5a:e5:c4:1a:97:dd:4d:4e:e8:99:cb:7d:b0:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  9 00:31:24 2025 GMT
            Not After : Aug 13 23:59:59 2025 GMT
        Subject: serialNumber=cfca17fa558f61378f0bdcfb080f9e92ed3087127b2bf4e017adf1bc4521a09b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c7:4c:fb:3a:52:c6:c3:ba:1f:e3:c9:02:96:
                    b1:ed:bc:b4:cc:c1:32:5a:df:aa:3b:fb:3d:ec:7a:
                    86:c7:6f:ba:0f:05:1e:27:f2:95:d4:08:25:d1:09:
                    1e:2d:29:9f:8d:9a:13:e7:dd:0b:fe:3e:b1:33:27:
                    35:eb:f8:35:4c:b2:af:71:44:76:89:b0:d4:4f:c1:
                    41:5c:b9:30:f9:ec:d8:cc:75:ba:66:9f:14:e6:82:
                    a5:98:3b:e7:01:30:e6:73:c6:bd:ff:05:08:ee:09:
                    ce:a0:2f:7f:cc:ca:53:4c:3f:a3:59:75:cc:67:0b:
                    ae:dd:37:29:86:11:7b:63:71:0a:18:fc:20:1e:52:
                    bc:19:b1:74:ea:05:72:db:71:46:75:b6:60:c0:43:
                    0d:d4:95:e4:6f:66:1c:49:6c:ed:c0:44:32:30:b1:
                    05:33:0e:5c:0f:f6:55:b6:5a:b0:12:51:5e:a0:c4:
                    42:1a:34:0b:77:95:0b:43:55:dd:7b:59:6b:61:e1:
                    05:c6:09:23:15:04:09:28:0e:77:aa:39:d1:b2:8a:
                    ec:d8:3e:df:5c:7d:e8:24:40:1e:72:3c:cf:c4:a7:
                    40:96:2d:7a:5a:ff:6c:06:79:46:74:72:57:d5:da:
                    ce:af:0c:40:2e:b7:55:e2:53:1a:15:e4:12:f7:ec:
                    06:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D5:70:A7:AC:4E:6E:8F:39:E5:F8:AE:BB:6C:D9:07:97:E5:57:1A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/64cca42d-40a8-4dca-85f4-0ac6a32e6088.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.22.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         53:31:d4:2c:d2:2d:42:30:2d:92:2c:33:4d:8f:bd:c5:53:1e:
         c4:3f:b8:fa:21:4b:cd:d3:d1:d3:bd:e1:6d:19:0b:f7:a1:6f:
         42:d6:90:84:cd:02:b7:f5:71:e3:ed:24:74:ea:2b:a1:a6:4d:
         b9:cb:52:bf:0b:40:04:4b:73:6c:f0:cd:31:48:9b:45:d7:e0:
         c8:48:a5:7e:34:86:5e:a7:c8:17:1e:d0:46:2a:e9:e0:17:12:
         9e:98:86:dd:d9:81:58:af:cf:ad:03:43:6c:93:b4:8b:f0:b7:
         4c:88:45:d1:0f:11:70:61:7a:36:50:72:bf:bb:21:3e:d1:45:
         1b:ef:eb:f0:bf:17:07:ea:d5:04:be:27:70:8e:5a:9e:b6:1c:
         c1:5a:0e:0b:b7:29:22:11:c1:10:a4:44:cc:9c:dd:6f:ad:ca:
         e4:58:4e:c4:42:e6:b7:49:3d:dd:5f:50:b8:48:1f:2d:6f:9a:
         27:2e:3c:9e:fe:0e:32:6b:7f:95:55:e7:da:72:d9:ed:17:86:
         5e:dc:fe:37:ac:5c:69:db:3b:e2:e1:3e:8a:58:ab:dc:89:97:
         ba:d8:d9:fd:b5:11:bd:24:a8:dc:45:73:b7:d4:34:d1:76:09:
         4c:cb:7c:b0:93:ef:49:d5:12:90:99:fe:99:08:61:8c:0a:9b:
         6f:2e:dd:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFpC2ya3yWuXEGpfdTU7omct9sEYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA5MDAzMTI0WhcNMjUwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZmNhMTdmYTU1OGY2MTM3OGYwYmRjZmIwODBmOWU5MmVk
MzA4NzEyN2IyYmY0ZTAxN2FkZjFiYzQ1MjFhMDliMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5x0z7OlLGw7of48kClrHtvLTMwTJa36o7+z3seobHb7oP
BR4n8pXUCCXRCR4tKZ+NmhPn3Qv+PrEzJzXr+DVMsq9xRHaJsNRPwUFcuTD57NjM
dbpmnxTmgqWYO+cBMOZzxr3/BQjuCc6gL3/MylNMP6NZdcxnC67dNymGEXtjcQoY
/CAeUrwZsXTqBXLbcUZ1tmDAQw3UleRvZhxJbO3ARDIwsQUzDlwP9lW2WrASUV6g
xEIaNAt3lQtDVd17WWth4QXGCSMVBAkoDneqOdGyiuzYPt9cfegkQB5yPM/Ep0CW
LXpa/2wGeUZ0clfV2s6vDEAut1XiUxoV5BL37AY5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXdVwp6xObo855fiuu2zZB5flVxowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY0Y2NhNDJkLTQwYTgtNGRjYS04NWY0LTBhYzZhMzJlNjA4OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUXFmAwDQYJKoZIhvcNAQELBQADggEBAFMx1CzSLUIwLZIsM02PvcVTHsQ/
uPohS83T0dO94W0ZC/ehb0LWkITNArf1cePtJHTqK6GmTbnLUr8LQARLc2zwzTFI
m0XX4MhIpX40hl6nyBce0EYq6eAXEp6Yht3ZgVivz60DQ2yTtIvwt0yIRdEPEXBh
ejZQcr+7IT7RRRvv6/C/Fwfq1QS+J3COWp62HMFaDgu3KSIRwRCkRMyc3W+tyuRY
TsRC5rdJPd1fULhIHy1vmicuPJ7+DjJrf5VV59py2e0Xhl7c/jesXGnbO+LhPopY
q9yJl7rY2f21Eb0kqNxFc7fUNNF2CUzLfLCT70nVEpCZ/pkIYYwKm28u3Uk=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:53:27 2025 by rpki-client